LabCorp's $35 Million AMCA Settlement: When Your Vendor's Breach Becomes Your Liability
LabCorp agreed to a $35 million settlement over the American Medical Collection Agency breach that exposed data on more than 10 million of its patient...
18 articles on third-party risk โ privacy laws, security frameworks, and regulatory compliance.
LabCorp agreed to a $35 million settlement over the American Medical Collection Agency breach that exposed data on more than 10 million of its patient...
When the U.S. forced Anthropic to disable Fable 5 and Mythos 5 worldwide, paying enterprise customers lost the model with effectively no notice. Stand...
In June 2026 the Defense Intelligence Agency rated Israel a 'critical' counterintelligence threat โ its highest designation for any ally โ after spywa...
The extortion group ShinyHunters leaked roughly 234 GB of data tied to DentaQuest, the Sun Life-owned dental benefits administrator, exposing names, d...
2026 is the year the EU's two flagship cyber-resilience regimes stop being aspirational. DORA enters its first real supervisory enforcement cycle for ...
May 2026 saw 95 publicly disclosed ransomware attacks across 17 countries, with Qilin and ShinyHunters leading a campaign that increasingly skips encr...
NYC Health + Hospitals confirmed a breach affecting 1.8 million individuals โ including fingerprints and palm prints โ originating through a third-par...
HHS OCR settled with MMG Fusion, LLC for $10,000 following a breach that exposed the protected health information of 15 million patients โ one of the ...
The Oncology Institute disclosed on May 20, 2026 via SEC Form 8-K that a vendor had detected unauthorized access to information systems handling patie...
The 2026 Verizon Data Breach Investigations Report analyzed more than 22,000 confirmed breaches and found that vulnerability exploitation now accounts...
In late April and early May 2026, Cushman & Wakefield confirmed a cyberattack originating from a voice phishing operation that gave ShinyHunters acces...
In April 2026, ShinyHunters executed two related but technically distinct supply chain attacks: a Salesforce Experience Cloud misconfiguration at McGr...
On April 20, 2026, the Everest ransomware gang listed both Citizens Financial Group and Frost Bank on its dark web leak site, claiming to hold 3.4 mil...
Two high-profile security incidents broke within hours of each other on April 19โ20, 2026. Both involved AI platforms. Both exposed real customer data...
Booking.com confirmed hackers accessed customer reservation data in April 2026, raising immediate GDPR 72-hour notification questions โ and echoing a ...
A threat actor known as 'Mr. Raccoon' claims to have stolen 13 million Adobe customer support tickets and 15,000 employee records โ not by hacking Ado...
Amazon's Ring cancelled its integration with Flock Safety after public backlash โ a case study in vendor risk management, third-party surveillance exp...
Stay ahead of evolving compliance requirements with our comprehensive analysis of 2025 regulatory trends. This guide offers strategic insights and pra...